The government has unveiled the second major weapon in its cyber defence
armoury – the Computer Emergency Response Team

The British government has finally launched its Computer Emergency Response Team (CERT-UK), with the aim of boulstering the UK's defences against cyber threats ranging from hackers to state-sponsored attacks.

First announced in December 2012 as a key element of government’s £650m cyber security strategy, CERT-UK was initially supposed to launch by the end of 2013, but was delayed until 2014.

The unit is responsible for coordinating the management of national cyber security incidents, and helping critical national infrastructure companies to become more resilient. It will also engage with international partners to manage cyber incidents that cross national borders.

Speaking at the launch of CERT-UK today, Cabinet Minister Francis Maude said that 93 per cent of large corporations had a breach in the past financial year, with each incident costing an average of between £450,000 and £850,000. One London-based company lost £800 million worth of revenue because of an attack.

"Cyber threats to the UK are diffuse, unpredictable and generally anonymous. They could come from organised criminals based in another continent; or they could come from a teenage computer hacker closer to home," said Mr Maude.

"The cyber hacker needs to succeed only once, but those protecting us must be successful all the time; around the clock, day after day, week after week. And of course, nothing in the digital world ever stands still. It’s forensic and painstaking work and it’s absolutely relentless. I have a very high level of confidence that we can achieve this."

CERT-UK follows the launch of the Cyber Information Sharing Partnership (CISP) last year. CISP allows government and business partners to exchange information on threats and vulnerabilities as they occur. CISP now consists of around 1,000 individual members, and over 350 businesses and organisations.

CISP will now be absorbed into CERT-UK, and the two teams will work together to promote awareness within British companies and help them mitigation of threats.

Commenting on the news, Martin Sutherland, managing director of BAE Systems Applied Intelligence, said that highly sophisticated groups of adversaries – whether criminal or state-sponsored – are becoming increasingly well organised and developing ever more complex tools with which to attack their targets.

"There has rarely been such a far reaching menace with the ability to threaten every aspect of society – critical infrastructure, business, and the economy as a whole," he said.

“In the face of this, it is vital that the government takes a strong lead and provides an efficient infrastructure that allows the security community to collaborate and share vital information."

Rob Cotton, chief executive of information assurance firm NCC Group added that the key to effective cyber incident management is good communication, co-ordination and technical ability.

"As the speed and scale of cyber attacks grow it is essential for countries to provide a central co-ordination point and a greater focus on collaboration of threat intelligence sources," he said. "This is a smart move from the government, and comes at an important time as the threat of an attack on national infrastructure grows."